myvemail/build/run/docker-entrypoint/init.d/15-opendkimmarc.sh

#!/usr/bin/env bash
# Grab domain list
domains=(${MYVEMAIL_DOMAIN})
domains+=(${MYVEMAIL_ADDMX//,/ })

# Permissions
chmod go-rw /etc/opendkim/keys

# Remove socks
rm -f /var/spool/postfix/opendkim/opendkim.sock \
    /var/spool/postfix/opendmarc/opendmarc.sock

# Opendkim
# Add domain entries to DKIM tables
for domain in ${domains[@]}
do
    echo "*@${domain}      default._domainkey.${domain}" | tee -a /etc/opendkim/SigningTable >/dev/null
    echo "default._domainkey.${domain}     ${domain}:default:/etc/opendkim/keys/${domain}/default.private" | tee -a /etc/opendkim/KeyTable >/dev/null
    echo "*.${domain}" | tee -a /etc/opendkim/trusted.hosts >/dev/null

    # Generate DKIM key
    if [ ! -f /etc/opendkim/keys/${domain}/default.private ]
    then
        mkdir -p /etc/opendkim/keys/${domain}
        opendkim-genkey -b 2048 -d ${domain} -D /etc/opendkim/keys/${domain} -s default

        # In your DNS manager, create a TXT record, enter default._domainkey in the name field
        echo -e "\n\e[1;34mUpdate DKIM TXT on DNS registrar and press any key to continue\e[5m...\e[0m"
        echo -e "\e[3m# Use default._domainkey in the host field"
        echo -e "# Check with 'opendkim-testkey -d ${domain} -s default'"
        echo -e "# Or visit https://www.dmarcanalyzer.com/dkim/dkim-checker/\e[0m"
        sed -e ':a' -e 'N' -e '$!ba' -e 's/\n//g' -e 's/.*( //' -e 's/ ).*//' -e 's/[ \t]*//g' -e 's/"//g' /etc/opendkim/keys/${domain}/default.txt
    fi
    echo
done

# OpenDMARC
sed -i "s/{{HOSTNAME}}/${MYVEMAIL_SUBDOMAIN}.${MYVEMAIL_DOMAIN}/" ${MYVEMAIL_OPENDMARC_CONF}

# Permissions
chown root:root -R /etc/opendkim/keys/
chown opendkim:opendkim /etc/opendkim/keys/*/default.private
chmod 600 /etc/opendkim/keys/*/default.private

# Start services
opendkim -x ${MYVEMAIL_OPENDKIM_CONF} -p /var/spool/postfix/opendkim/opendkim.sock
opendmarc -c ${MYVEMAIL_OPENDMARC_CONF} -p /var/spool/postfix/opendmarc/opendmarc.sock